From patchwork Tue Jul 18 14:31:45 2023
X-Patchwork-Submitter: Andrew Burgess
X-Patchwork-Id: 72890
To: gdb-patches@sourceware.org
Cc: Andrew Burgess
Subject: [PATCH 1/2] gdb: fix possible nullptr dereference in a remote_debug_printf call
Date: Tue, 18 Jul 2023 15:31:45 +0100
Message-Id: <5476235cc65b171f32663fa5e0af0a62342d1f63.1689690655.git.aburgess@redhat.com>
From: Andrew Burgess

While working on the next patch I triggered a segfault from within the
function remote_target::discard_pending_stop_replies. Turns out this
was caused by a cut&paste error introduced in this commit:

  commit df5ad102009c41ab4dfadbb8cfb8c8b2a02a4f78
  Date:   Wed Dec 1 09:40:03 2021 -0500

      gdb, gdbserver: detach fork child when detaching from fork parent

This commit adds a remote_debug_printf call that was copied from
earlier in the function, however, the new call wasn't updated to use
the appropriate local variable. The local variable that it is using
might be nullptr, in which case we trigger undefined behaviour, and
could crash, which is what I was seeing.

Fixed by updating to use the correct local variable.

--- gdb/remote.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gdb/remote.c b/gdb/remote.c index 7e3d6adfe4f..ff3d7e5cd32 100644 --- a/gdb/remote.c +++ b/gdb/remote.c @@ -7564,8 +7564,8 @@ remote_target::discard_pending_stop_replies (struct inferior *inf) for (auto it = iter; it != rs->stop_reply_queue.end (); ++it) remote_debug_printf ("discarding queued stop reply: ptid: %s, ws: %s\n", - reply->ptid.to_string().c_str(), - reply->ws.to_string ().c_str ()); + (*it)->ptid.to_string().c_str(), + (*it)->ws.to_string ().c_str ()); rs->stop_reply_queue.erase (iter, rs->stop_reply_queue.end ()); }
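
Review bot: the first added line, `(*it)->ptid.to_string().c_str(),`, carries over the missing spaces before the parentheses from the line it replaces, while the second added line uses `to_string ().c_str ()`; since the line is being rewritten anyway, it could be made consistent as `(*it)->ptid.to_string ().c_str (),`. The substitution itself matches the loop: `it` is declared in the `for` header and is compared against `rs->stop_reply_queue.end ()` before each iteration, so it refers to a queued element inside the body, whereas `reply` is the variable the commit message says may be nullptr. Nothing in this patch exercises the path with remote debug output enabled, so it would help if the commit message stated whether the next patch in the series adds a test that reaches this call.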